urlscan.io logo urlscan.io
SecurityTrails logo

riscosacadohmg.itau.com.br Open in urlscan Pro
18.234.20.106  Public Scan

Go To Rescan Add Verdict Report
URL: https://riscosacadohmg.itau.com.br/
Submission: On September 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 46 HTTP transactions. The main IP is 18.234.20.106, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is riscosacadohmg.itau.com.br.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 21st 2024. Valid for: a year.
This is the only time riscosacadohmg.itau.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 18.234.20.106 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.138.7.16 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.138.7.111 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 13.224.189.37 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 151.101.194.217 54113 (FASTLY)
4 18.233.115.216 14618 (AMAZON-AES)
2 76.223.31.44 16509 (AMAZON-02)
46 13
12    18.234.20.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-20-106.compute-1.amazonaws.com
riscosacadohmg.itau.com.br
1    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    108.138.7.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-16.fra56.r.cloudfront.net
3rcb6b7bt4x2.statuspage.io
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net
3rcb6b7bt4x2.statuspage.io
2    2606:4700:20::ac43:4693 (United States)

ASN13335 (CLOUDFLARENET, US)
static.userguiding.com
10    13.224.189.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-37.fra2.r.cloudfront.net
assets.monkeyecx.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
4    18.233.115.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-115-216.compute-1.amazonaws.com
events.launchdarkly.com
2    76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
Apex Domain
Subdomains		 Transfer
12 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 797
events.launchdarkly.com — Cisco Umbrella Rank: 947
clientstream.launchdarkly.com — Cisco Umbrella Rank: 937
2 KB
12 itau.com.br
riscosacadohmg.itau.com.br
5 MB
10 monkeyecx.com
assets.monkeyecx.com
73 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
68 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
67 KB
2 userguiding.com
static.userguiding.com — Cisco Umbrella Rank: 43483
595 KB
2 statuspage.io
3rcb6b7bt4x2.statuspage.io
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 870
115 KB
46 9
Domain Requested by
12 riscosacadohmg.itau.com.br riscosacadohmg.itau.com.br
10 assets.monkeyecx.com client
riscosacadohmg.itau.com.br
assets.monkeyecx.com
6 app.launchdarkly.com riscosacadohmg.itau.com.br
4 events.launchdarkly.com riscosacadohmg.itau.com.br
3 fonts.gstatic.com fonts.googleapis.com
2 clientstream.launchdarkly.com
2 www.googletagmanager.com riscosacadohmg.itau.com.br
2 static.userguiding.com riscosacadohmg.itau.com.br
2 3rcb6b7bt4x2.statuspage.io riscosacadohmg.itau.com.br
3rcb6b7bt4x2.statuspage.io
1 fonts.googleapis.com riscosacadohmg.itau.com.br
1 www.gstatic.com riscosacadohmg.itau.com.br
1 unpkg.com riscosacadohmg.itau.com.br
46 12

This site contains no links.

Subject Issuer Validity Valid
riscosacadohmg.itau.com.br
GlobalSign RSA OV SSL CA 2018		 2024-08-21 -
2025-09-22		 a year crt.sh
unpkg.com
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.statuspage.io
Amazon RSA 2048 M02		 2024-09-18 -
2025-10-18		 a year crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
static.userguiding.com
WE1		 2024-09-21 -
2024-12-20		 3 months crt.sh
*.monkeyecx.com
Sectigo RSA Organization Validation Secure Server CA		 2024-06-11 -
2025-07-10		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M03		 2024-07-16 -
2025-08-14		 a year crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2024-07-16 -
2025-08-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://riscosacadohmg.itau.com.br/
Frame ID: 0434D308713B2D7D1F703655EC0F3BA3
Requests: 39 HTTP requests in this frame

Frame: https://3rcb6b7bt4x2.statuspage.io/embed/frame
Frame ID: 0B17A515037A4CEEA0F84E5FEEDABF66
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-TK9XBXLD
Frame ID: E4F4740B9E0306D77DB94F52A5012682
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Itaú

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

46
Requests

100 %
HTTPS

46 %
IPv6

9
Domains

12
Subdomains

13
IPs

2
Countries

6306 kB
Transfer

8609 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
riscosacadohmg.itau.com.br/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
5beb693cf70ad744d6442db35efb4d5e67fec29364d55ec1d7d9cc34c5ff1989
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
3542
apigw-requestid
evBAMhsloAMEMIg=
content-length
10599
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
content-type
text/html
date
Thu, 26 Sep 2024 22:36:49 GMT
etag
"093e40dae80a752c327595a39416eb01"
last-modified
Thu, 26 Sep 2024 20:53:22 GMT
monkey-code
wl/itau
referrer-policy
same-origin
server
monkey
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="JUXm1in65hIz2SQFrOGx2MLUtzV4qxj2cRxqVBnriBm2ztl5kj9Z7w==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=38
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront)
x-amz-cf-id
JUXm1in65hIz2SQFrOGx2MLUtzV4qxj2cRxqVBnriBm2ztl5kj9Z7w==
x-amz-cf-pop
IAD89-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/ 		337 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a251662165f4ce8a58450330d03b4578f05a17a3aa625f9cae9f8867b91868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"54557-mEzLpqpg5bSX6hg9TQvipFKQcc8"
age
2659603
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 22:36:49 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J68Z8T5Z71PVTA3HSTM3TWQE-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8c96bc2738f43635-FRA
access-control-allow-origin
*
server
cloudflare
script.js
3rcb6b7bt4x2.statuspage.io/embed/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3rcb6b7bt4x2.statuspage.io/embed/script.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-16.fra56.r.cloudfront.net
Software
AtlassianEdge /
Resource Hash
b42bdb41fbd4bf6e4b6ae6d26451370c1a69b914b6e4b8e7cf3d81fbf199e32f
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
W/"b42bdb41fbd4bf6e4b6ae6d26451370c"
x-permitted-cross-domain-policies
none
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
x-content-type-options
nosniff
x-statuspage-version
99ea4a6e669705b2de08c4c6d2fd55587a69f197
server-timing
atl-edge;dur=65,atl-edge-internal;dur=4,atl-edge-upstream;dur=63,atl-edge-pop;desc="aws-us-east-1"
x-cache
Miss from cloudfront
x-amz-cf-id
JT42dXT8-ap_Olm4GDAVJ_amyXwx_mi0KppXRobak2AFjIeKE-GHhQ==
date
Thu, 26 Sep 2024 22:36:49 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.112877
strict-transport-security
max-age=259200
x-statuspage-skip-logging
true
cache-control
max-age=3, public
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-pollinator-metadata-service
status-page-web-pages
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P6
atl-traceid
97cde08164f34915b4c141ec12f3dbe8
server
AtlassianEdge
loader.js
www.gstatic.com/charts/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1786
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 23:07:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 22:07:03 GMT
last-modified
Tue, 04 Apr 2023 17:52:30 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="gviz"
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
accept-ranges
bytes
content-length
18534
x-xss-protection
0
server
sffe
runtime.230fa2bc3d3ecc7c.js
riscosacadohmg.itau.com.br/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/runtime.230fa2bc3d3ecc7c.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
d8369858b988da0292bd947205e61657b82efef480f61f25dc10c96aca80c48d
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"25893bc643ced481058393a1fe8298f3"
age
5181
x-content-type-options
nosniff
apigw-requestid
evBAOjXQIAMEYLQ=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="wAUniOfO9O4gMmj7BkGmRLb0QfljXdHqpu8_0L6ssAGD6iixgMjV3w==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=41
x-cache
Hit from cloudfront
x-amz-cf-id
wAUniOfO9O4gMmj7BkGmRLb0QfljXdHqpu8_0L6ssAGD6iixgMjV3w==
date
Thu, 26 Sep 2024 22:36:49 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 20:53:23 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 41498907366f3804198b1abc90c08490.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9320
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
polyfills.45e68c9814bbcfbd.js
riscosacadohmg.itau.com.br/ 		211 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
35ac0bef4f5a6ab0597a358f27a91b16399209d3b5fecafe3507a7e747160521
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"8a5f8451a035494c38f0914c29c3bf90"
age
5180
x-content-type-options
nosniff
apigw-requestid
evBAOhTNoAMEMBQ=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="_hbZfx712KbNSpdd641zoUGLoHcPA3Q_RsGHVpEND3CstURJGJlkag==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=36
x-cache
Hit from cloudfront
x-amz-cf-id
_hbZfx712KbNSpdd641zoUGLoHcPA3Q_RsGHVpEND3CstURJGJlkag==
date
Thu, 26 Sep 2024 22:36:49 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 20:53:23 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
216062
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
main.d3b9c57e954b100b.js
riscosacadohmg.itau.com.br/ 		5 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/main.d3b9c57e954b100b.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
6b4091470f829e2f1bae7554101b9744e5f5b99aae0ce63e3ecd2534a9b7c598
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"76d03f1fd790db4e777be90f74202108"
age
5180
x-content-type-options
nosniff
apigw-requestid
evBAOi71oAMEMJQ=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="cCvD8PMTaz4W_wqEjrmXo8Feiy50AnX9uN-MRpp65zI0cS8YkWDm5Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=26
x-cache
Hit from cloudfront
x-amz-cf-id
cCvD8PMTaz4W_wqEjrmXo8Feiy50AnX9uN-MRpp65zI0cS8YkWDm5Q==
date
Thu, 26 Sep 2024 22:36:49 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 20:53:22 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 8aaf07807b640d113c47df1d50eca064.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4730638
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
styles.84294f90c056b3f5.css
riscosacadohmg.itau.com.br/ 		155 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/styles.84294f90c056b3f5.css
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
8fd2eb1e50eb117e84d22e6ed6fed2e50bf059f2b1527fff8b96679fcf1310ee
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"4cfc0df53dc543a725734ea3dc8041bc"
age
5180
x-content-type-options
nosniff
apigw-requestid
evBAOguuIAMEYFg=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="wlx1DYcFbwfqnpzYyffJvo3DQJq6l8Zf3v4LgwSqPqMFZHWqM4IoPg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=51
x-cache
Hit from cloudfront
x-amz-cf-id
wlx1DYcFbwfqnpzYyffJvo3DQJq6l8Zf3v4LgwSqPqMFZHWqM4IoPg==
date
Thu, 26 Sep 2024 22:36:49 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 20:53:23 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
159196
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
frame
3rcb6b7bt4x2.statuspage.io/embed/ Frame 0B17 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3rcb6b7bt4x2.statuspage.io/embed/frame
Requested by
Host: 3rcb6b7bt4x2.statuspage.io
URL: https://3rcb6b7bt4x2.statuspage.io/embed/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-111.fra56.r.cloudfront.net
Software
AtlassianEdge /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
atl-traceid
9fef7d7dd79d4d6cb2429fabfaa619ae
cache-control
max-age=3, public
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 26 Sep 2024 22:36:49 GMT
etag
W/"15104aa4a9beb559d0976be766d70b86"
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
server
AtlassianEdge
server-timing
atl-edge;dur=65,atl-edge-internal;dur=3,atl-edge-upstream;dur=63,atl-edge-pop;desc="aws-us-east-1"
strict-transport-security
max-age=259200
vary
Accept-Encoding
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id
9hgHFbfZFZx3dzv-LzPdbM_K_0FP-3WiHAbSDflLatXcH6gX35Gttw==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-pollinator-metadata-service
status-page-web-pages
x-runtime
0.135362
x-statuspage-skip-logging
true
x-statuspage-version
99ea4a6e669705b2de08c4c6d2fd55587a69f197
x-xss-protection
1; mode=block
user-guiding-9CA75497P0VID-embedded.js
static.userguiding.com/media/ 		2 MB
584 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.userguiding.com/media/user-guiding-9CA75497P0VID-embedded.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c5f58b035950e7439c27f066e3acaace7fb2f4aa40ffc07887ef585778bb47d6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex,nofollow
content-encoding
br
cf-cache-status
MISS
etag
W/"2310c6-1922de0548a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3HfVz77Lkxq4Bd9VcyEX1iw1ws09Chp%2BkYgxVb%2BnW8IVsFNtt5En34X8TaMTqKLXXTvNB9ebbu4fKT1aDMYRYTfZ%2BETWWCz%2FD8e5xYUBsfrSilPrJxQHtzezyHIste1pgdkbySgvOc6JG0nfDYEAIYY8Do%3D"}],"group":"cf-nel","max_age":604800}
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 26 Sep 2024 10:28:49 GMT
x-sent
true
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timestamp
1727390209561
cf-ray
8c96bc297928d25c-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
sdk-9CA75497P0VID.json
static.userguiding.com/media/ 		77 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.userguiding.com/media/sdk-9CA75497P0VID.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0fce77a94ccff1f61eeceb2d566309159c2f54e3c378062136a077d90e13300a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

x-robots-tag
noindex,nofollow
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"13476-192305b7a2d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jt26b16CLZHHhRSTInwfv5eekFDHB%2FfT8tXz6XimzKTyN9SmVzTfwuGD4OrYq%2BlflBATbv2z46Q2kPVBozoHkI6QnBZN1KXVEH0Y3IXeJL5u9vfG%2B4wLiaJiqgIKFunE7X4RZdRCTXSwaYhZrMpHVV8qfho%3D"}],"group":"cf-nel","max_age":604800}
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/json; charset=UTF-8
last-modified
Thu, 26 Sep 2024 22:02:34 GMT
x-sent
true
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timestamp
1727390210452
cf-ray
8c96bc2e7ac13618-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
monkey-icons.min.css
assets.monkeyecx.com/icons/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/icons/monkey-icons.min.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fd44a4891c1471041b901cec2f435887b5dbd6dd565248c2aea06601e78feba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
W/"b3ae183f820af2d81703f1260a6c8f13"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
OdDMIHKAoQe80JxXvs4drMnihN4eXFPfyOPCENfuxa4aGsvGAOVNtg==
date
Thu, 26 Sep 2024 22:36:51 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 20:44:06 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
common.415e670d33eba8fa.js
riscosacadohmg.itau.com.br/ 		64 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/common.415e670d33eba8fa.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/runtime.230fa2bc3d3ecc7c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
1566adb25728e6c484131c89dd23a5de57f3cc51f64f4857f16454b63c5d873d
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"2a331324c61dc1334d2ffd9424f9a4d4"
age
5177
x-content-type-options
nosniff
apigw-requestid
evBAbgnYoAMEYzw=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="XkwI19_OW5jIWwcVEm6oUv-LtEgxcKpM5XxScjq2VuU8B5-idTLRiQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=19
x-cache
Hit from cloudfront
x-amz-cf-id
XkwI19_OW5jIWwcVEm6oUv-LtEgxcKpM5XxScjq2VuU8B5-idTLRiQ==
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 20:53:22 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 e0a78b49206aba2a7e76eb45b9688a8e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
65239
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
1868.c5abc3a0939da3d6.js
riscosacadohmg.itau.com.br/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/1868.c5abc3a0939da3d6.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/runtime.230fa2bc3d3ecc7c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
77d9b2e9052d238fa5ae38423fb5e461e63f0536adc150bc30b4cdd5dc8c357a
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"099806fc639170b4c29bf564c3276f55"
age
5177
x-content-type-options
nosniff
apigw-requestid
evBAbgvToAMEMHA=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="saZ7RtGUk_dk2VsTjdrSmFs9JaP8KtQNPX2hZNYloVlIn5NMXpdfoA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=17
x-cache
Hit from cloudfront
x-amz-cf-id
saZ7RtGUk_dk2VsTjdrSmFs9JaP8KtQNPX2hZNYloVlIn5NMXpdfoA==
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 20:53:20 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5942
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
bootstrap.json
riscosacadohmg.itau.com.br/assets/monkeyecx/ 		425 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/assets/monkeyecx/bootstrap.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
77f604ab6a94bf0f56a75455357e7eaaccb790c008e8a070e3a250aa5f8bba24
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"f474eaa285b958d546b41af891423d25"
age
5177
x-content-type-options
nosniff
apigw-requestid
evBAbhUFoAMEYHg=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="Qpqjd-CeBroalT_EL5iX2qME7Vji0iZ89VEDDi1Z4FFXDW_9EgxqOQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=27
x-cache
Hit from cloudfront
x-amz-cf-id
Qpqjd-CeBroalT_EL5iX2qME7Vji0iZ89VEDDi1Z4FFXDW_9EgxqOQ==
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:53:22 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 e0a78b49206aba2a7e76eb45b9688a8e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
425
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
3972.af0b3b1bacfff77f.js
riscosacadohmg.itau.com.br/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/3972.af0b3b1bacfff77f.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/runtime.230fa2bc3d3ecc7c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
859ffdbf3a6af6684ad4dd453bd68667748a0b2cbfbb57adfa6a8ac5545ce4b9
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"12656550bd8137725e97364faabc2bde"
age
5177
x-content-type-options
nosniff
apigw-requestid
evBAdhL-IAMEMUw=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="eM8uY8M6LfkC1fQctpxtaarUNm-BoOK82dr2OE1bq1Qgqp3pNPS0vA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=15
x-cache
Hit from cloudfront
x-amz-cf-id
eM8uY8M6LfkC1fQctpxtaarUNm-BoOK82dr2OE1bq1Qgqp3pNPS0vA==
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 20:53:20 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 92ed8a6103fa735c31caf49b92d4efb6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
31898
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
1828.981a33ba43a76cbd.js
riscosacadohmg.itau.com.br/ 		28 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/1828.981a33ba43a76cbd.js
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/runtime.230fa2bc3d3ecc7c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
fea9f4c86b038edc5ee12c4dd7026500cdcea3888e1f0538220e68d317a0110a
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://riscosacadohmg.itau.com.br/

Response headers

x-robots-tag
noindex, nofollow
etag
"9f49050620e2457b3d62c99c1ac29bf5"
age
4921
x-content-type-options
nosniff
apigw-requestid
evBAdigZIAMEMzQ=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="8i7C6te1lZmmuXoXraVBvJF1n1I1C6JZeAHhxgwKHCWgYYeyh7to3A==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=21
x-cache
Hit from cloudfront
x-amz-cf-id
8i7C6te1lZmmuXoXraVBvJF1n1I1C6JZeAHhxgwKHCWgYYeyh7to3A==
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 20:53:20 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 ec18462cf9d88c8bdb0cd5e50dbe442a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
28936
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TK9XBXLD
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/main.d3b9c57e954b100b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e63c7de38aac967299c282d02b5ef81a5f8c32b520b9a4b4be5bb9a3109e325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 26 Sep 2024 22:36:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 22:36:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 26 Sep 2024 22:19:56 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
67979
x-xss-protection
0
server
Google Tag Manager
ns.html
www.googletagmanager.com/ Frame E4F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-TK9XBXLD
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/main.d3b9c57e954b100b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
cross-origin-resource-policy
cross-origin
date
Thu, 26 Sep 2024 22:36:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
pt-BR.json
assets.monkeyecx.com/credit/data/i18n/auth/ 		38 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/credit/data/i18n/auth/pt-BR.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bff0ae4be43acda4c151c9d8afcc2c9ac204ab6f21d8dd3bdaef1227bf0920e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
content-encoding
br
etag
W/"ac1c5199623156aca3626cee6380cd3f"
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
4WEDz3tVq2hWI-Bx5SlgT8xyfebu6TgQNZ8fn5gs-hByhPa03IPFsQ==
date
Thu, 26 Sep 2024 22:36:51 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
favicon.ico
riscosacadohmg.itau.com.br/ 		25 KB
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
a4d7a68097c48877ef771c8b658255fedc24dd3578bfc91a8f77b843eafbc64a
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://riscosacadohmg.itau.com.br/authentication/email/login

Response headers

x-robots-tag
noindex, nofollow
etag
"63f664cebd33702fb302226d813ec69c"
age
5177
x-content-type-options
nosniff
apigw-requestid
evBAghkkoAMEMKA=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="5FrocaEmiL4YySCI3Sp1-RPCvsXBc1Adea44zH_aCnGPJbv_OXgk0g==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=21
x-cache
Hit from cloudfront
x-amz-cf-id
5FrocaEmiL4YySCI3Sp1-RPCvsXBc1Adea44zH_aCnGPJbv_OXgk0g==
date
Thu, 26 Sep 2024 22:36:51 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 26 Sep 2024 20:53:22 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25289
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
pt-BR.json
riscosacadohmg.itau.com.br/assets/i18n/ 		207 KB
208 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://riscosacadohmg.itau.com.br/assets/i18n/pt-BR.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.20.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-20-106.compute-1.amazonaws.com
Software
monkey /
Resource Hash
bfdb9c15465f41cbccc58792b9cc5d81192c41916ffabc51eb936bbc865442e0
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://riscosacadohmg.itau.com.br/authentication/email/login

Response headers

x-robots-tag
noindex, nofollow
etag
"4c488fe8296f2a0946e356de30cb5531"
age
5177
x-content-type-options
nosniff
apigw-requestid
evBAjhbXIAMEMqQ=
server-timing
cdn-cache-hit,cdn-pop;desc="IAD89-P2",cdn-rid;desc="RaDnARG4pt8XWudYfcpi2WBwL7nS2k11taYodmEv_Ue_Or3H-8IS5g==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=16
x-cache
Hit from cloudfront
x-amz-cf-id
RaDnARG4pt8XWudYfcpi2WBwL7nS2k11taYodmEv_Ue_Or3H-8IS5g==
date
Thu, 26 Sep 2024 22:36:51 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:53:22 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
referrer-policy
same-origin
via
1.1 41498907366f3804198b1abc90c08490.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
212356
x-xss-protection
1; mode=block
monkey-code
wl/itau
x-amz-cf-pop
IAD89-P2
server
monkey
x-amz-server-side-encryption
AES256
pt-BR.json
assets.monkeyecx.com/credit/data/i18n/alerts/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/credit/data/i18n/alerts/pt-BR.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7b5025adf605437c7f7dd48c9b341fa512a226aa53ba7512b3083e421915f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
content-encoding
br
etag
W/"aa8f545a2f9a560b5aa0ddd911c0105d"
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
0WT_QQiEAcz0Z5Vy-U-R9ZGpePaHoJbO9lLkVauOwd-7EARed_iyEA==
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
pt-BR.json
assets.monkeyecx.com/credit/data/i18n/shared/ 		23 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/credit/data/i18n/shared/pt-BR.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f8a3500de98ca97135e53c9ba0e74899121fd18c10b9d410b6881751c25666b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
content-encoding
br
etag
W/"e1fc720562b0e1dedb346a3b7bf4b70e"
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
t90atSzz9a7W1HH4YRl4zL4sVP-sKv4UpW5xI65PTMmXm1SI1jGIog==
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
pt-BR.json
assets.monkeyecx.com/credit/data/i18n/register/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/credit/data/i18n/register/pt-BR.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c028eb5da079098eb1dded03ea2b06ba40d2dc0b993c10f8dd4d17df8aea68fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
content-encoding
br
etag
W/"a9e0cf1b6bdd4351d46c4c205d49a8be"
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
trn1kmAQ2XU93R_lTJfe1zqwwVWRSze19JcWHlcAJzwIu5jpxSo8RA==
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
monkey-style-guide-settings.json
assets.monkeyecx.com/credit/wl/itau/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/credit/wl/itau/monkey-style-guide-settings.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45d83f4a198dc9974d04f0ca8e82d70ce89f31f85dd97547599301e8a282d015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
content-encoding
br
etag
W/"93fd09375b5688b1958c94ba5ffe584a"
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
YoYOk1mqyGe96-T3XvAyWJJPlqk5PzfLLraxTucGuTlE1dwH05MDDw==
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
css2
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/main.d3b9c57e954b100b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0343a3fa6af2a7f1604b534ebd429b27d0776182d8750c7c01d90c742d79bc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 22:36:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 22:36:51 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 26 Sep 2024 22:36:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
favicon.svg
assets.monkeyecx.com/credit/wl/itau/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/credit/wl/itau/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9b7864be81f06f65f9128b81132411c02e94942eb1d09b7553a3a55dc409edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
W/"a4be46ad11ee73be4dacc4cf3b569809"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
sR37Xmy1J3dk3J8Pl5WRjOH9ct-KRZf2lSYY77tTLlIJyTE4LhPwHg==
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
image/svg+xml
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://fonts.googleapis.com/

Response headers

age
48240
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 09:12:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 09:12:51 GMT
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50668
x-xss-protection
0
server
sffe
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://fonts.googleapis.com/

Response headers

age
48240
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 09:12:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 09:12:51 GMT
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50668
x-xss-protection
0
server
sffe
white-label.json
assets.monkeyecx.com/credit/wl/itau/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/credit/wl/itau/white-label.json
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb06443b2f83e815eba1ba8658568c4d0636d1892c9d77aad2f02a02077f79d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
content-encoding
br
etag
W/"1a22363b4fafe23820c9f84ea5db39d5"
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
Y5WLpR2oJuqil4frDpRSucr_RxmoQb2flgArpy1wx0EB1cWrMeow9A==
date
Thu, 26 Sep 2024 22:36:53 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
62b32c985da31a12c2cf3965
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/62b32c985da31a12c2cf3965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://riscosacadohmg.itau.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 26 Sep 2024 22:36:52 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230099-FRA
x-timer
S1727390212.327725,VS0,VE93
eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6InVuZGVmaW5lZCNtb25rZXlAbW9ua2V5LmV4Y2hhbmdlIn0
app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6InVuZGVmaW5lZCNtb25rZXlAbW9ua2V5LmV4Y2hhbmdlIn0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://riscosacadohmg.itau.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 26 Sep 2024 22:36:52 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230099-FRA
x-timer
S1727390212.327745,VS0,VE95
62b32c985da31a12c2cf3965
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/62b32c985da31a12c2cf3965
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-115-216.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://riscosacadohmg.itau.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Thu, 26 Sep 2024 22:36:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://riscosacadohmg.itau.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 26 Sep 2024 22:36:52 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230099-FRA
x-timer
S1727390212.327673,VS0,VE94
62b32c985da31a12c2cf3965
app.launchdarkly.com/sdk/goals/ 		2 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/62b32c985da31a12c2cf3965
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer

Response headers

content-md5
d751713988987e9331980363e24189ce
access-control-max-age
300
content-encoding
gzip
etag
"d751713988987e9331980363e24189ce"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
MISS
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
x-served-by
cache-fra-eddf8230099-FRA
x-cache-hits
0
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
cache-control
max-age=0
x-timer
S1727390212.427103,VS0,VE114
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
26
eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6InVuZGVmaW5lZCNtb25rZXlAbW9ua2V5LmV4Y2hhbmdlIn0
app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/ 		3 KB
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6InVuZGVmaW5lZCNtb25rZXlAbW9ua2V5LmV4Y2hhbmdlIn0
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c705ac369b403c6c53d8f3ed8a98ae9be7a080c0022672813d5cf5f8b92d3ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"46dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
MISS
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
vary
Authorization, Accept-Encoding
x-served-by
cache-fra-eddf8230124-FRA, cache-fra-eddf8230099-FRA
x-cache-hits
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
x-timer
S1727390212.429298,VS0,VE455
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
499
62b32c985da31a12c2cf3965
events.launchdarkly.com/events/diagnostic/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/62b32c985da31a12c2cf3965
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-115-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/ 		3 KB
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/62b32c985da31a12c2cf3965/contexts/eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c705ac369b403c6c53d8f3ed8a98ae9be7a080c0022672813d5cf5f8b92d3ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"46dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
MISS
date
Thu, 26 Sep 2024 22:36:52 GMT
content-type
application/json
vary
Authorization, Accept-Encoding
x-served-by
cache-fra-etou8220071-FRA, cache-fra-eddf8230099-FRA
x-cache-hits
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
x-timer
S1727390212.428231,VS0,VE456
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
499
eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
clientstream.launchdarkly.com/eval/62b32c985da31a12c2cf3965/ 		3 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/62b32c985da31a12c2cf3965/eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Cache-Control
no-cache
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
cache-control
no-cache, no-store, must-revalidate
ld-region
eu-west-1
access-control-allow-methods
GET,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
date
Thu, 26 Sep 2024 22:36:53 GMT
content-type
text/event-stream; charset=utf-8
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
login.svg
assets.monkeyecx.com/credit/wl/itau/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.monkeyecx.com/credit/wl/itau/login.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dae42e17df5ce66c9ca579e4321bf5d6530b7c2a0bbb3a2e19fed08bd5894ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
W/"8a112eef81a0ad25a0eef67c40c6605e"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
rZNwmL6UzYXD3JU59-3MmkD7nU7dTH7GDlbGFh_2JAvFDVZs2vl1nQ==
date
Thu, 26 Sep 2024 22:36:54 GMT
content-type
image/svg+xml
last-modified
Thu, 26 Sep 2024 20:44:05 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
monkey-icons.woff2
assets.monkeyecx.com/icons/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.monkeyecx.com/icons/monkey-icons.woff2?f832c5da50bd9c55807c1402a0352821
Requested by
Host: assets.monkeyecx.com
URL: https://assets.monkeyecx.com/icons/monkey-icons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bbae13a4a8f594cd1d90698aa929d56e23f2204c950bf2b5fff2804a117578c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://assets.monkeyecx.com/icons/monkey-icons.min.css

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
etag
"c99e6db41a76e071cbeeafb95e587ca5"
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
9fjRAxRSdQm4T-cS93WOFU9Vi6Fpxzyx_v1KYYbRBVWCCr9cjp_vkw==
date
Thu, 26 Sep 2024 22:36:54 GMT
content-type
binary/octet-stream
last-modified
Thu, 26 Sep 2024 20:44:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
38256
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C1
server
AmazonS3
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://riscosacadohmg.itau.com.br
Referer
https://fonts.googleapis.com/

Response headers

age
48240
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 09:12:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 09:12:51 GMT
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50668
x-xss-protection
0
server
sffe
62b32c985da31a12c2cf3965
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/62b32c985da31a12c2cf3965
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-115-216.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://riscosacadohmg.itau.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Thu, 26 Sep 2024 22:36:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
62b32c985da31a12c2cf3965
events.launchdarkly.com/events/bulk/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/62b32c985da31a12c2cf3965
Requested by
Host: riscosacadohmg.itau.com.br
URL: https://riscosacadohmg.itau.com.br/polyfills.45e68c9814bbcfbd.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-115-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Event-Schema
4
Referer
X-LaunchDarkly-Payload-ID
d49f8dc0-7c57-11ef-9de6-b154fbf9a114
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 26 Sep 2024 22:36:54 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
clientstream.launchdarkly.com/eval/62b32c985da31a12c2cf3965/ 		3 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/62b32c985da31a12c2cf3965/eyJlbWFpbCI6Im1vbmtleUBtb25rZXkuZXhjaGFuZ2UiLCJraW5kIjoidXNlciIsImtleSI6IklUQVUjbW9ua2V5QG1vbmtleS5leGNoYW5nZSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Cache-Control
no-cache
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
cache-control
no-cache, no-store, must-revalidate
ld-region
eu-west-1
access-control-allow-methods
GET,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
date
Thu, 26 Sep 2024 22:36:55 GMT
content-type
text/event-stream; charset=utf-8
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| statusEmbedTest object| google object| userGuidingLayer object| userGuiding object| webpackChunkmonkey_credit_front function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononscrollsnapchangepatched boolean| __zone_symbol__ononscrollsnapchangingpatched object| global object| hj object| regeneratorRuntime object| ng function| _ object| DD_RUM function| saveAs object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__messagefalse function| setImmediate function| clearImmediate function| reRenderUserGuidingApp object| __zone_symbol__turbolinks:loadtrue boolean| _subscribeToAttributeChangesActive object| dataLayer object| google_tag_manager object| google_tag_data object| __zone_symbol__loadfalse object| __ugPreviewFunctionContext object| __zone_symbol__pagehidefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'unsafe-inline' data: ws:; object-src 'self'; frame-ancestors 'self' https://*.logs.datadoghq.com https://*.browser-intake-datadoghq.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3rcb6b7bt4x2.statuspage.io
app.launchdarkly.com
assets.monkeyecx.com
clientstream.launchdarkly.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
riscosacadohmg.itau.com.br
static.userguiding.com
unpkg.com
www.googletagmanager.com
www.gstatic.com
108.138.7.111
108.138.7.16
13.224.189.37
151.101.194.217
18.233.115.216
18.234.20.106
2606:4700:20::ac43:4693
2606:4700::6811:f5cb
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:828::2003
2a00:1450:4001:831::2008
76.223.31.44
0fce77a94ccff1f61eeceb2d566309159c2f54e3c378062136a077d90e13300a
1566adb25728e6c484131c89dd23a5de57f3cc51f64f4857f16454b63c5d873d
35ac0bef4f5a6ab0597a358f27a91b16399209d3b5fecafe3507a7e747160521
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
45d83f4a198dc9974d04f0ca8e82d70ce89f31f85dd97547599301e8a282d015
4bbae13a4a8f594cd1d90698aa929d56e23f2204c950bf2b5fff2804a117578c
4e63c7de38aac967299c282d02b5ef81a5f8c32b520b9a4b4be5bb9a3109e325
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fd44a4891c1471041b901cec2f435887b5dbd6dd565248c2aea06601e78feba
5beb693cf70ad744d6442db35efb4d5e67fec29364d55ec1d7d9cc34c5ff1989
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6b4091470f829e2f1bae7554101b9744e5f5b99aae0ce63e3ecd2534a9b7c598
6c705ac369b403c6c53d8f3ed8a98ae9be7a080c0022672813d5cf5f8b92d3ff
6dae42e17df5ce66c9ca579e4321bf5d6530b7c2a0bbb3a2e19fed08bd5894ba
77d9b2e9052d238fa5ae38423fb5e461e63f0536adc150bc30b4cdd5dc8c357a
77f604ab6a94bf0f56a75455357e7eaaccb790c008e8a070e3a250aa5f8bba24
859ffdbf3a6af6684ad4dd453bd68667748a0b2cbfbb57adfa6a8ac5545ce4b9
8fd2eb1e50eb117e84d22e6ed6fed2e50bf059f2b1527fff8b96679fcf1310ee
99a251662165f4ce8a58450330d03b4578f05a17a3aa625f9cae9f8867b91868
9f8a3500de98ca97135e53c9ba0e74899121fd18c10b9d410b6881751c25666b
a4d7a68097c48877ef771c8b658255fedc24dd3578bfc91a8f77b843eafbc64a
a9b7864be81f06f65f9128b81132411c02e94942eb1d09b7553a3a55dc409edc
b42bdb41fbd4bf6e4b6ae6d26451370c1a69b914b6e4b8e7cf3d81fbf199e32f
bfdb9c15465f41cbccc58792b9cc5d81192c41916ffabc51eb936bbc865442e0
bff0ae4be43acda4c151c9d8afcc2c9ac204ab6f21d8dd3bdaef1227bf0920e9
c028eb5da079098eb1dded03ea2b06ba40d2dc0b993c10f8dd4d17df8aea68fd
c0343a3fa6af2a7f1604b534ebd429b27d0776182d8750c7c01d90c742d79bc3
c5f58b035950e7439c27f066e3acaace7fb2f4aa40ffc07887ef585778bb47d6
cb06443b2f83e815eba1ba8658568c4d0636d1892c9d77aad2f02a02077f79d4
d8369858b988da0292bd947205e61657b82efef480f61f25dc10c96aca80c48d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7b5025adf605437c7f7dd48c9b341fa512a226aa53ba7512b3083e421915f2a
fea9f4c86b038edc5ee12c4dd7026500cdcea3888e1f0538220e68d317a0110a